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About This Guide 


¡Manage is a browser-based tool used for administering, managing, and 
configuring Novell® eDirectory™ objects. iManage gives you the ability to 
assign specific tasks or responsibilities to users and to present the user with 
only the tools (with the accompanying rights) necessary to performs those sets 
of tasks. 


In NetWare® 6, you can use iManage to administer iPrint, DNS/DHCP, and 
Novell Licensing Services. 


This guide includes the following sections: 
+ Chapter 1, “Getting Started,” on page 9 
+ Chapter 2, “Administration Basics,” on page 11 
+ Chapter 3, “Configuring Role Based Services,” on page 17 
+ Chapter 4, “Troubleshooting,” on page 27 


Documentation Conventions 


In this documentation, a greater than symbol (>) is used to separate actions 
within a step and items in a cross-reference path. 


Also, a trademark symbol @, TM. etc.) denotes a Novell trademark. An asterisk 
(f) denotes a third-party trademark. 
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Getting Started 


This section contains the following information: 
+ “System Requirements” on page 9 
+ “Installing iManage” on page 9 


+ “Accessing iManage” on page 10 


System Requirements 


¡Manage supports the following browsers: 
+ Internet Explorer 5.5 
+ Netscape* 4.6, 4.7, and 6.1 


iManage automatically opens in Simple mode with Netscape 4.6 or 4.7. 
For more information, see “Opening ¡Manage in Simple Mode” on page 
10. 


Installing iManage 


iManage is installed automaticallv during the NetWare® 6 server installation. 
During the server installation, the schema is extended to allow for iManage's 
new Role Based Services extensions. 


After the installation, vou should configure Role Based Services for vour 
situation. See “Setting Up Role Based Services” on page 21 for more 
information. 
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Accessing iManage 


You can open iManage in either of the following modes: 
+ “Opening iManage in Regular Mode” on page 10 
+ “Opening iManage in Simple Mode” on page 10 


Opening ¡Manage in Regular Mode 
1 In a Web browser, enter the following in the address (URL) field: 
https: //server's_IP_address:2200/eMFrame/iManage.html 
For example: 
https://137.65.135.150:2200/eMFrame/iManage.html 


2 Log in using your username, context, password, and eDirectory tree 
name. 


You will only have access to those features you have rights to. To have 
full access to all ¡Manage features, you must log in as Supervisor of the 
tree. 


Opening ¡Manage in Simple Mode 


In Simple mode, iManage provides the same functionality as it does in 
Regular mode, but with a simpler Web interface. Simple mode can be used 
with screen readers, and provides accessibility features intended to 
accommodate persons with disabilities. 


Netscape 4.6 and 4.7 automatically open ¡Manage in Simple mode. 
1 Ina Web browser, enter the following in the address (URL) field: 
https://server's_IP_address:2200/eMFrame/Simple.html 
For example: 
https://137.65.135.150:2200/eMFrame/Simple.html 


2 Log in using your username, context, password, and eDirectory Tree 
name. 


You will only have access to those features you have rights to. To have 
full access to all ¡Manage features, you must log in as Supervisor of the 
tree. 
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Administration Basics 


This chapter explains how to perform essential tasks such as creating and 
deleting objects, and using the ¡Manage search and browse features. 


In This Chapter 
+ “Managing User Accounts” on page 11 
+ “Organizing Objects into Containers” on page 12 
+ “Creating Group Objects” on page 14 
+ “Deleting Objects” on page 14 
+ “Browsing and Finding Objects” on page 14 


Managing User Accounts 


A user account is a User object in the Novell® eDirectory™ tree. A User object 
specifies a user's login name and supplies other information used by 
eDirectory and NetWare® to control the user’s access to network resources. 


In This Section 
+ “Creating a User Object” on page 11 
+ “Modifying a User Account” on page 12 


Creating a User Object 
1 Click the Roles and Tasks button [al 
2 Click eDirectory Administration > Create Object. 
3 Select User from the Available Classes List > click Next. 
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4 Enter a username and last name for the User object. 


5 Specify the name and context of the container you want this User object 
created in. 


6 Click OK. 


Modifying a User Account 


To modify the properties of a User object you added in iManage, use 
ConsoleOne'TM, See Managing User Accounts in ConsoleOne User Guide for 
more information. 


To assign roles and tasks to a User object, see “Assigning RBS Role 
Membership and Scope” on page 24. 


Organizing Objects into Containers 


Once you are in an eDirectory tree, you can organize it by creating various 
types of containers and placing objects inside them. Objects in a container are 
automatically security equivalent to the container, so make sure you manage 
the container's rights accordingly. 


To modify the rights of a container object you added in ¡Manage, use 
ConsoleOne. See Administering Rights in ConsoleOne User Guide for more 
information. 


Below are procedures to create common container types. For information on 
creating container types for specific applications, see the documentation for 
those applications. For general eDirectory tree design considerations, see 
Designing Your Novell eDirectory Network in Novell eDirectory 
Administration Guide. 
In This Section 

+ “Creating an Organization Object” on page 12 


+ “Creating an Organizational Unit Object” on page 13 


Creating an Organization Object 


E An Organization container object is created when you first install 
eDirectory on a server in your network. As the top-most container under Tree, 
it usually holds Organizational Unit objects and leaf objects. 
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Normally, the Organization object represents your company, although you can 
create additional Organization objects under Tree. This is typically done for 
networks with distinct geographical districts or for companies with separate 
eDirectory trees that have merged. 


4 Click the Roles and Tasks button [al 

2 Click eDirectory Administration > Create Object. 

3 Select Organization from the list of object types > click Next. 
4 Specify a name and context for the Organization > click Next. 


5 Click OK. 


To assign roles and tasks to an Organization, see “Assigning RBS Role 
Membership and Scope” on page 24. 


Creating an Organizational Unit Object 


8 You can create Organizational Unit (OU) container objects to subdivide 
your eDirectory tree. Organizational Units can be created under an 
Organization, Country, or another Organizational Unit object. 


Often, the Organizational Unit object represents a department, which holds a 
set of objects that commonly need access to each other. A typical example is 
a set of User objects, along with the printers, volumes, and applications that 

those Users need. 


At the highest level of Organizational Unit objects, each Organizational Unit 
can represent each site (separated by WAN links) in the network. 


1 Click the Roles and Tasks button 2 

2 Click eDirectorv > Create Object. 

3 Select Organizational Unit from the list of object types > click Next. 
4 Specify a name and context for the Organizational Unit > click Next. 


5 Click OK. 


To assign roles and tasks to an Organizational Unit, see “Assigning RBS Role 
Membership and Scope” on page 24. 
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Creating Group Objects 


& A Group object represents a set of User objects. You can create Group 
objects to help you manage sets of User objects. 


While container objects let you manage all User objects in that container, 
Group objects are for subsets within a container or in multiple containers. 


Group objects give you a way to assign roles and tasks to a number of User 
objects at the same time. For more information, see “Assigning RBS Role 
Membership and Scope” on page 24. 


1 Click the Roles and Tasks button a), 

2 Click eDirectory > Create Object. 

3 Select Group from the list of object types > click Next. 
4 Specify a name and context for the Group > click Next. 


5 Click OK. 


Deleting Objects 


You can’t delete a container object unless you first delete all its contents. 
4 Click the Roles and Tasks button al 
2 Click eDirectory Administration > Delete Object. 
3 Specify the name and context of object you want to delete. 


4 Click OK. 


Browsing and Finding Objects 


The eDirectory Object Selector page lets you search or browse for objects. In 
most entry fields in iManage, you can enter an object name and context, or you 
can click the Object Selector button El to search or browse for the object you 
want. Selecting an object in the eDirectory Object Selector page inserts the 
object and the object's context into the entry field. 


Use the techniques described below to locate the specific objects you want to 
manage. 
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In This Section 


+ “Using Browse” on page 15 


+ “Using Search” on page 15 


Using Browse 


1 Click the Object Selector button E 


2 Use the following options to browse for an object: 





Option 


Description 





e 


Lets you move down one level in the tree. 





t 


Lets you move up one level in the tree. 





Look In 


Lets you enter the name of the container whose contents 
you want to view. 


To use this option, enter the name of the object you want 
> click Browse. 





Look for Name 





Using Search 


Lets you enter the name of an object. 


You can use * as a wildcard character in this field. For 
example, g* finds all objects starting with g, such as 
Germany or Greg, and *te finds all entries ending in te, 
such as Kate or Corporate. 


To use this option, enter the name you want > click 
Browse. 


1 Click the Object Selector button al 


2 Click Search. 


3 In the Start Search In field, enter the name of the container you want to 


search in. 


Click Search Sub-containers to include all subcontainers located within 
the current container in the search. 
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4 In the Search For Name field, enter the name of the object you want to 
search for. 


You can use * as a wildcard character in this field. For example, g* finds 
all objects starting with g, such as Germany or Greg, and *te finds all 
entries ending in te, such as Kate or Corporate. 


5 Click Search. 
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Configuring Role Based Services 


¡Manage gives you the ability to assign specific tasks or responsibilities to 
users and to present the user with only the tools (with the accompanying 
rights) necessary to performs those sets of tasks. 


Role Based Services (RBS) gives you a way to focus the user on a specified 
set of tasks and objects as determined by their roles. What users see when they 
access ¡Manage is based on their role assignments in Novell eDirectory™. 
Only the tasks assigned to that user are displayed. The user does not need to 
browse the tree to find an object to administer; the plug-in for that task 
presents the necessary tools and interface to perform the task. 


You can assign multiple roles to a single user. You can also assign the same 
role to multiple users. 


When a user accesses iManage and successfully logs in, the following page is 
displayed: 
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37.65.211.21:2200/eMFrame/webacc - Microsoft Internet Explorer 
| File Edit view Favorites Tools Help | 
| Heak ~ > - Q (2) A | Search (Favorites <GHistory | Es. $ M Y 

















| Address ja https://137.65.211.21:2200/eMFramefwebacc z] Go || Links » 


iManage 






Novell. 


User: admin.novell. POD-TESTI-TREE. 





+ DHCP Management 





iManage www.novell.com 


+ DNS Management Version 0.0 

















+ eDirectory Administration 





+ {Print Management 





sare You are currently logged in as user admin. novell. PDD-TEST1-TREE. 
ERIE (EEL in the Novell Directory Services tree .PDD-TEST1-TREE. 














Please select a task on the left. 


el 
Iċ) | [à (8) internet Z 





On the left, a list of available roles and tasks that the user has access to is 
displayed. As the user selects a task on the left, the tools necessary to execute 
the task are displayed on the right. 
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3 https://137.65.211.21:2200/eMFrame/webacc - Microsoft Internet Explorer 





| File Edit View Favorites Tools Help 









| bak + + - [2 A| Bsearch [Favorites <Ahistory | ES & mi 2 












| Address [a https://137.65.211.21:2200/eMFramejwebacc El © Go | [Links » 








iManage — 





User: admin.novell. POD-TESTI-TREE. 






































Delete a License User 
Install a License 
Manage License Properties 
A AE E | (si [a 9 Internet Í 


DHCP Management 
DNS Management 


eDirectory Administration 
Create Object 
Delete Object 


iPrint Management 


= License Management 


Create Object 


Select the object type you want to create 


Available Classes 






Organization 
Organizational Unit 





NOTE: The roles and tasks will vary depending on the tree and the user. 
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Role Based Services is represented by objects defined in eDirectory. The base 
eDirectory schema has been extended to accommodate this information. The 
new object types are listed in the following table: 
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Object 


Description 





oo . 
D~ rbsCollection 


A container object that holds all RBS role and task 
objects. 





rbsRole 


Specifies the tasks that users (members) are 
authorized to perform. Defining a role includes 
creating an rbsRole object and specifying the tasks 
that the role can perform. 


rbsRoles can only be created in an rbsCollection 
container. 





[vl rbsTask 


Represents a specific function, such as resetting login 
passwords. 


rbsTask objects are located only in rbsModule 
containers. 





rbsScope 


Represents the context in the tree where a role will be 
performed, and is associated with rbsRole objects. 


This object is dynamically created when needed, then 
automatically deleted when no longer needed. 


WARNING: You should never change the configuration 
of an rbsScope object. Doing so will have serious 
consequences and could possibly break the system. 





a] rosModule 


In This Chapter 


Holds rbsTask objects. 


+ “Setting Up Role Based Services” on page 21 
+ “Defining RBS Roles” on page 22 


+ “Assigning RBS Role Membership and Scope” on page 24 


20 Novell iManage Administration Guide 


Setting Up Role Based Services 


Before you can add RBS objects to your eDirectory tree, the schema of the tree 
must be extended to allow RBS object types, and you must create an 
rbsCollection container to hold all other RBS objects. Typically, the schema 
extension is performed automatically during the installation of NetWare® 6. 
However, you can complete the procedures below to ensure that your tree has 
the needed schema extensions, container object, and product packages. 


In This Section 
+ “Installing RBS Schema Extensions to Your eDirectory Tree” on page 21 
+ “Creating an rbsCollection Container” on page 21 
+ “Installing Product Packages” on page 21 
+ “Modifying RBS Collection Owners” on page 22 


Installing RBS Schema Extensions to Your eDirectory Tree 
1 Click the Configure button El 
2 Click Role Based Services Setup > Extend Schema. 


3 Click OK to add the new Role Base Services schema extensions to the 
tree. 


Creating an rbsCollection Container 
4 Click the Configure button [e] 
2 Click Role Based Services Setup > Create rbsCollection. 
3 Enter a name for the object in the Name field. 


4 Specify a container to hold the object in the Container field. 
5 Click OK. 


Installing Product Packages 
1 Click the Configure button [| 
2 Click Role Based Services Setup > Install Plug-in. 


3 Select the plug-in you want to install. 
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4 Specify an rbsCollection Container to hold the RBS objects for this plug- 
in. 


5 Click OK. 


Modifying RBS Collection Owners 


The user who installed the NetWare 6 server is automatically added as the 
owner of the first rbsCollection container at install time. For additional 
rbsCollection containers, the user who creates them is automatically assigned 
as the owner of the collection. 


You can use the Modify rbsCollection Owners page in ¡Manage to delete or 
change the owner of an rbsCollection container. 


When you make a user an owner of an rbsCollection container, you need to 
grant that user the proper eDirectory rights to fully administer that container. 
Use ConsoleOne™ to give the new owner supervisor rights to the 
rbsCollection container and the objects inside the container (for example, the 
rbsRole an rbsTask objects). See Administering Rights in ConsoleOne User 
Guide for more information. 


1 Click the Configure button | 
2 Click Collection Management > Modify Owners. 


3 Specify the name and context of the rbsCollection object you want to 
modify > click OK. 


4 Add or delete users from the list of owners. 


5 Click OK. 


Defining RBS Roles 


RBS roles specify the tasks that users are authorized to perform. Defining an 
RBS role includes creating an rbsRole object and specifying the tasks that the 
role can perform and the User, Group, or container objects that can perform 
those tasks. In some cases, ¡Manage plug-ins (product packages) might 
provide a few predefined RBS roles that you can modify. 


The tasks that RBS roles can perform are exposed as rbsTask objects in your 
eDirectory tree. These objects are added automatically during the installation 
of product packages. They are organized into one or more rbsModules, which 
are containers that correspond to the different functional modules of the 
product. 
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For information on assigning members to a role, see “Assigning RBS Role 
Membership and Scope” on page 24. 
In This Section 
+ “Creating an rbsRole Object” on page 23 
+ “Modifying the Tasks That rbsRole Objects Can Perform” on page 24 
+ “Deleting a Role Based Services Object” on page 24 


Creating an rbsRole Object 

4 Click the Configure button EJ 

2 Click Role Management > Create Role. 

3 Enter a name for the role in the Role Name field. 

4 Specify an rbsCollection to hold the object in the Collection field. 
rbsRoles can be created only in an rbsCollection container. 
(Optional) Enter a description for the role in the Description field. 
Click Next. 


Specify the tasks you want assigned to this role > click Next. 


on OA 


Specifv the name and context of the object (a User, Group, or Container 
object) you want this role to be associated with > click Add. 


You can add as many Users, Groups, or Containers as you want. 


9 Click Next > select the checkbox next to the name of the object or objects 
you just added. 


10 In the Scope Name field, specify the areas of the tree where the role can 
be performed > click Add. 


You can assign multiple objects to the same scope, or you can assign 
individual scopes for each object. 


Uncheck the Inheritable check box if you want this role to be performed 
only in this context. If this box is checked, any containers or groups under 
this context will inherit the ability to perform this role. 


11 Repeat Step 9 and Step 10 for each object you added in Step 8. 
12 Click Next > Done. 


See “Assigning RBS Role Membership and Scope” on page 24 for 
information on adding members to roles. 
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Modifving the Tasks That rbsRole Objects Can Perform 


Each RBS role has a set of available tasks associated with 1t. You can choose 
which tasks are assigned to a particular role, adding or removing tasks as 
necessary. 


4 Click the Configure button [| 

2 Click Role Management > Modify Role. 

3 Click “A in the Task column of the role you want to modify. 
4 Add or remove tasks from the Assigned Task list. 

5 Click OK. 


Deleting a Role Based Services Object 
4 Click the Configure button El 
2 Click Role Management > Delete RBS Object. 


3 Specify the name and context of the RBS role you want to delete. 
4 Click OK. 


Assigning RBS Role Membership and Scope 


Once you have defined the RBS roles needed in your organization, you can 
assign members to each role. In doing so, you specify the scope in which each 
member can exercise the functions of the role. The scope is the location or 
context in the eDirectory tree where this role can be performed. 


Roles can be assigned to the following objects: 
+ User 
+ Group 


You can create a Group object, assign Users to the Group, then associate 
the Group with the role. Every User object in the Group object is then 
automatically associated with that role. Groups or containers in the Group 
object are not associated with the role, however. 


+ Container 


Associating an Organization or Organizational Unit object with a role 
automatically assigns ever user in those containers to the role. 


With this method, there is no way to exclude specific users in those 
containers from the role assignment. 
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A member can perform multiple roles and tasks. You can also assign the same 
task to multiple members. 


1 


2 
3 
4 


Click the Configure button a) 
Click Role Management P Modifv Role. 
Click 'A in the Members column of the role you want to modify. 


In the Name field, specify an object name (a User, Group, or Container 
object) > click Add. 


To assign this role to multiple objects, repeat this step as many times as 
necessary. 


In the Name column, select the check box to the left of the object you just 
added. 


To assign the same scope to multiple members, select the names of all the 
members you want to have this scope in the Name column. 


In the Scope field, specify a scope (Organization or Organizational Unit 
object name and context) for a selected Name > click Add. 


Every object name you add must have a scope to designate the context in 
the tree that will be affected by that object. 


Click OK. 
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Associating 


Troubleshooting 


This section contains solutions to problems you might encounter when setting 
up or using iManage. 
In This Chapter 

+ “Associating a Role with a Scope” on page 27 

+ “Assigning the Tree Root as a Scope” on page 28 

+ “Creating Objects with European Characters” on page 28 


+ “Viewing and Entering Characters in Your Preferred Language” on page 
29 


+ “Turning off Friendly HTTP Error Messages” on page 29 


a Role with a Scope 


If you add a member to an rbsRole object, then try to associate that role with 
a scope (location in the eDirectory™ tree) that does not exist, you will get an 
error message. Click OK to clear the error message. 


In Netscape* 6.1, clicking OK may not clear the error message. To prevent this 
from happening, associate roles only with existing scopes. 


For more information, see “Assigning RBS Role Membership and Scope” on 
page 24, 
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Assigning the Tree Root as a Scope 


When a Role Based Services rbsRole object scope is set to the tree root and 
DSREPAIR is run, DSREPAIR invalidates the rbsRole object and makes 1t 
unusable. 


This happens only when you make the assignment to the tree root; any other 
scope in the tree is fine. To prevent this, do not assign the tree root as a scope. 


For more information, see Chapter 3, “Configuring Role Based Services,” on 
page 17. 


Creating Objects with European Characters 


To create objects containing European characters in iManage, set your 
browser locale to any European language. Even 1f you set your locale back to 
English, you can now create and view objects containing European characters. 


In This Section: 
+ “Setting Language Preferences in Internet Explorer” on page 28 


+ “Setting Language Preferences in Netscape” on page 28 


Setting Language Preferences in Internet Explorer 
4 Click Tools > Internet Options. 
2 Click Language > Add. 


3 Select a European language (such as Portuguese or German) > click OK. 


Setting Language Preferences in Netscape 
4 Click Edit > Preferences. 
2 Click Navigator > Languages > Add. 


3 Select a European language (such as Portuguese or German) > click OK. 
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Viewing and Entering Characters in Your Preferred 


Language 


To view and input characters in your preferred language, set your language to 
the first language in the list of available languages. If your preferred language 
is not available, you will need to install it. 


For more information on setting a preferred language in Netscape, see Basic 
Setup Information for International Users (http://home.netscape.com/eng/intl/ 
basics.html#setup). 


For more information on setting a preferred language in Internet Explorer, see 
Correctly Displaying Web Pages Encoded in Any Language (http:// 
www.microsoft.com/windows2000/en/server/help/) and Specifying Another 
Language or Web-Page Content (http://www.microsoft.com/windows2000/ 
en/server/help/). 


Turning off Friendly HTTP Error Messages 


If you encounter a "Page Not Found" error while running iManage in Internet 
Explorer 5.5, do the following: 


1 Make sure that you are running Internet Explorer 5.5 with Service Pack 2 
installed. 


2 In Internet Explorer, click Tools > Internet Options > Advanced. 
3 Deselect Show Friendly HTTP Error Messages. 
4 Click OK. 
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